Re: IE attack...

[Juha-Matti Laurio <juha-matti.laurio () netti fi>]

This code listing appeared to many sites in hours (on Thursday), maybe 
the readers of mailing lists just didn't sent a note to the lists. Many 
security companies updated their advisories to include information about 
existing code.

Regards,
Juha-Matti


> On 3/25/06, Dave Aitel <dave () immunityinc com> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > So this is the IE attack various sites are owning people with...I
> > stumbled on it while browsing random things. It's been a pretty bad
> > week for IE this week. Of course, it's been a pretty bad year for IE.
> > Been a pretty bad time all around for IE. Motto: "Giving Host
> > Intrusion Prevention vendors case study after case study."
> >
> > I don't know why the other lists aren't posting this. Maybe there was
> > a memo that went around where you try to keep people from knowing what
> > they're actually at risk from.
> >
> > - -dave
>
> Ya this was released on Thursday by Unl0ck Research Team, removed
> comment section below.
>
> <!--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
> /\
> \/      Internet Explorer Remote Code Execution Exploit v 0.1
> /\                by Darkeagle of Unl0ck Research Team
> \/
> /\      used SkyLined idea of exploitation. special tnx goes to him.
> \/
>
> Affected Software       :  Microsoft Internet Explorer 6.x, IE7 Beta 2
> Severity                :  Critical
> Impact          :  Remote System Access
> Solution Status :  ** UNPATCHED **
> Discovered by   :  Computer Terrorism (UK)
> Advisory Date   :  22nd March, 2006
> Tested          :  WinXP SP2 RUS IE 6.0 (full patched)
>
> Vulnerability details:
---clip---